What is claimed is: 



CLAIMS 



1 1 . A method for providing a first network resource access to a second 

2 network resource, comprising: 

3 receiving profile data; 

4 generating temporary credentials for accessing the second network resource 

5 using the profile data; and 

6 providing the first network resource with the temporary credentials. 

J l 1 2. The method of Claim 1 , further comprising the act of invalidating the 

CI 2 temporary credentials following a termination event. 

m 

J'{ 1 3. The method of Claim 2, wherein the termination event involves the 

|«J 2 lapse of a set time period. 

h 

1 4. The method of Claim 2, wherein the termination event Involves the first 

rj 2 server accessing the second server. 

fi. 

1 5. The method of Claim 1 , wherein the act of generating temporary 

2 credentials includes generating temporary credentials that provide limited access to 

3 the second server. 

1 6. A method for accessing a data service, comprising: 

2 instructing a client to provide profile data to an Identification service, the 

3 identification service having access to one or more profiles used to access one or 

4 more data services, the profile data identifying a particular profile; 

5 receiving the profile data; 

6 generating temporary credentials for accessing the data service identified by 

7 the particular profile; and 

8 accessing the data service using the temporary credentials. 
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1 7. The method of Claim 6, wherein the act of instructing the client 

2 Includes providing a user interface that includes Instruction to send profile data to the 

3 identification service, and sending the interface to the client. 

1 8. The method of Claim 6, wherein the act of Instructing the client 

2 comprises redirecting the client to the identification service. 

1 9- The method of Claim 6, further comprising the act of Invalidating the 

2 temporary credentials following a termination event. 

1 10. The method of Claim 6, wherein the act of generating temporary 

|| 2 credentials comprises generating temporary credentials that provide limited access 

3 to the data service. 

m: ■ 

^'J 1 11- The method of Claim 6, wherein the act of generating an interface 

I 2 includes generating a framed web page having a first frame and a second frame, the 

|j 3 method further comprising providing, for the first frame, content for directing an 

W 4 application, and providing, for the second frame, content for selecting one or more 

g 5 electronic files managed by the data service Identified by the specified profile. 

1 1 2. The method of Claim 1 1 , wherein the act of sending the profile data 

2 includes sending a cookie identifying the particular profile upon opening the framed 

3 web page. 

1 1 3. The method of Claim 1 1 , wherein the act of generating an interface 

2 includes generating an Interface that includes Instructions to request a web bug from 

3 the Identification service, and wherein the act of sending the profile data includes 

4 requesting the web bug, the request Including a cookie identifying the particular 

5 profile. 
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1 1 4. A method for accessing a data service, comprising: 

2 receiving, from a client, a request to direct an application; 

3 instructing the client device to provide profile data to an identification service, 

4 the identification service having access to one or more profiles for identifying 

5 accessing one or more data services, the profile data identifying a particular profile; 

6 receiving the profile data 

7 generating temporary credentials for accessing the data service identified by 

8 the particular profile; and 

9 accessing the data service using the temporary credentials. 

1 15. The method of Claim 14, wherein the act of instructing the client 

|;| 2 includes generating a user interface that includes instruction to send profile data to 

|:{ 3 the identification service, and sending the interface to the client. 

m 

\'l 1 16. The method of Claim 14, wherein the act of instructing the client 

2 comprises redirecting the client to the identification service. 

h 

1 17. The method of Claim 1 4, further comprising the act of invalidating the 

%4 2 temporary credentials following a termination event. 

C;l .. ■ 
ly , 

1 1 8. The method of Claim 14, wherein the act of generating temporary 

2 credentials comprises generating temporary credentials that provide limited access 

3 to the data service. 

1 19. The method of Claim 14, wherein the act of generating an interface 

2 includes generating a framed web page having a first frame and a second frame, the 

3 method further comprising providing, for the first frame, content for directing an 

4 application, and providing, for the second frame, content for selecting one or more 

5 electronic files managed by the data service identified by the particular profile. 

1 20. The method of Claim 1 9, wherein the act of generating the framed web 

2 page includes generating a framed web page that includes instructions to request a 

3 web bug from the identification service, and wherein the act of sending the profile 
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data includes requesting the web bug upon opening the framed web page, the 
request including a cookie identifying the specified profile. 

21 . A computer readable medium having instructions for: 
receiving profile data; 

using the profile data to generate temporary credentials for accessing a first 
server; and 

providing a second server with the temporary credentials. 

22. The medium of Claim 21 , further having instructions for invalidating the 
temporary credentials following a termination event. 

23. The medium of Claim 22, wherein the termination event involves the 
lapse of a set period of time. 

24. The medium of Claim 22, wherein the termination event Involves the 
first server accessing the second server. 

25. The medium of Claim 21 , wherein the instructions for generating 
temporary credentials include Instructions for generating temporary credentials that 
provide limited access to the second server. 

26. A computer readable medium having instructions for: 
instructing a client to provide profile data to an identification service, the 

identification service having access to one or more profiles used to access one or 
more data services, the profile data identifying a particular profile; 
receiving the profile data; 

generating temporary credentials for accessing the data service identified by 
the particular profile; and 

accessing the data service with the temporary credentials. 

27. The medium of Claim 30, wherein the instructions for instructing the 
client include instructions for generating a user interface that includes instruction to 
send profile data to the identification service, and sending the interface to the client. 
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28. The medium of Claim 30, wherein the instructions for instructing the 
client comprise Instructions for redirecting the client to the identification service. 

29. The medium of Claim 30, wherein the Instructions for generating 
temporary credentials comprise instructions for generating temporary credentials that 
provide limited access to the data service. 

30. The medium of Claim 30, wherein the instructions for generating an 
Interface include instructions for generating a framed web page having a first frame 
and a second frame, the medium comprising further instructions for providing, for the 
first frame, content for directing an application, and providing, for the second frame, 
content for selecting one or more electronic files managed by the accessed data 
service. 

31 . The medium of Claim 30, wherein the instructions for generating the 
framed web page include instructions for generating a framed web page that includes 
instructions to request a web bug from the identification sen/ice, the request to 
include a cookie Identifying the particular profile. 

32. A computer readable medium having instructions for: 
generating an interface having user accessible controls for creating a profile 

for accessing a data service; 

creating a profile according to selections made through the interface; 

providing a client device with profile data identifying a created profile; 

upon receiving profile data, retrieving a profile identified by the profile data 
received; 

generating temporary credentials for accessing the data service identified by 
the retrieved profile; and 

providing an application server with the temporary credentials. 

33. The medium of Claim 36, further comprising instructions for 
invalidating the temporary credentials following a termination event. 
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1 34. The medium of Claim 37, wherein the termination event involves the 

2 lapse of a set time period. 

1 35. The medium of Claim 37, wherein the termination event involves 

2 accessing the data service. 

1 36. The medium of Claim 36, wherein the instructions for generating 

2 temporary credentials comprise instructions for generating temporary credentials that 

3 provide limited access to the data service. 



M 1 37. The medium of Claim 36, wherein the Instructions for providing a client 

M 

PI 2 device with profile data comprise instructions for generating a cookie containing data 

p 3 identifying the created profile and instructing a web browser operating on the client 

jj 4 device to save the cookie. 

a 1 38. A computer readable medium having instructions for: 

Ij 2 generating a profile interface having user accessible controls for creating a 

f\i 3 profile for locating and accessing a data service; 

4 creating a profile according to selections made through the profile interface; 

f4 5 providing a client device with profile data identifying a created profile; 

6 receiving a request to access an application; 

7 instructing a client to send profile data; 

8 receiving the profile data; 

9 retrieving a profile identified by the profile data; 

1 0 generating temporary credentials for accessing a data service identified by 

1 1 the retrieved profile; and 

12 accessing the data service with the temporary credentials. 

1 39. The medium of Claim 38, wherein the instructions for instructing the 

2 client include instructions for generating a user interface that includes instruction to 

3 send profile data to the identification service, and sending the interface to the client. 

1 40. The medium of Claim 38, wherein the instructions for instructing the 

2 client comprise instructions for redirecting the client to the identification service. 
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1 41 . The medium of Claim 38, wherein the instructions for generating 

2 temporary credentials comprise instructions for generating temporary credentials that 

3 provide limited access to the data service. 

1 42. The medium of Claim 38, wherein the instructions for generating an 

2 interface include instructions for generating a framed web page having a first frame 

3 and a second frame, the medium having further instructions for providing, for the first 

4 frame, content for directing the application, and providing, for the second frame, 

5 content for selecting one or more electronic files managed by the accessed data 

6 service. 

1 43. The medium of Claim 38, wherein the instructions for providing a client 

2 device with profile data comprise instructions for providing the client device with a 

3 cookie, and wherein the instructions for generating the framed web page include 

4 instructions for generating a framed web page that includes instructions to request a 

5 web bug from the identification service, the request to include the cookie. 

1 44. A system for providing a first server with access to a second server, 

2 comprising: an identification service in communication with a credential module, the 

3 credential module operable to use a profile acquired by the identification service to 

4 generate temporary credentials for accessing the second server, the identification 

5 service being operable to receive profile data, to acquire a profile identified by the 

6 profile data, and to provide the first server with the temporary credentials generated 

7 by the credential module. 

1 45. The system of Claim 44, wherein the credential module is further 

2 operable to invalidate the temporary credentials following a termination event. 

1 46. The system of Claim 45, wherein the termination event involves the 

2 lapse of a set time period. 

1 47. The system of Claim 45, wherein the termination event involves the 

2 first server accessing the second server. 
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1 48. The system of Claim 44, wherein the credential module is further 

2 operable to generate temporary credentials that provide limited access to the second 

3 server. 

1 49. A system for accessing a data service comprising: 

2 an identification service operable to receive profile data identifying a particular 

3 profile and to provide that profile, the profile to contain electronic data used to identify 

4 the data service; 

5 a credential module operable to obtain the profile from the identification 
.^^^ 6 service, generate temporary credentials, and map those credentials to the data 
© 7 service Identified by the profile; and 

£;| 8 an application server operable to serve an interface containing instructions to 

y 9 send profile data to the identification service, to obtain the temporary credentials, and 

I 10 to access the data service with the temporary credentials. 

'1- ^ 1 50. The system of Claim 49, wherein the credential module is further 

h j 2 operable to invalidate the temporary credentials following a termination event. 

Si 

pj 1 51 . The system of Claim 49, further comprising: 

2 an application content provider in communication with the application server 

3 and operable to generate content for directing an application; and 

4 a data content provider in communication with the application server and 

5 operable to generate content for selecting electronic files managed by the accessed 

6 data service. 

1 52. The system of Claim 51 , wherein the application server is operable to 

2 create the interface in the form of a framed web page having a first frame for 

3 displaying the content generated by the application content provider and a second 

4 frame for displaying the content generated by the data content provider, the framed 

5 web page also including instructions to request a web bug from the identification 

6 service, the request to include the profile data. 
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1 53. The system of Claim 51, further comprising a web browser operable to 

2 request and display the interface in the form of the framed web page and to request 

3 the web bug providing the profile data to the Identification service. 

1 54. A system for accessing a data service comprising: 

2 an Identification service operable to generate a profile interface having user 

3 accessible controls for creating a profile containing electronic data used to identify 

4 the data service, to create a profile using selections made through the profile 

5 interface, to issue instructions to store profile data used to access the created profile, 

6 to receive profile data identifying a particular profile, and to provide that profile; 
1=*^ 7 a credential module operable to obtain the profile from the identification 
fcj 8 service, generate temporary credentials, and map those credentials to the data 
W 9 service Identified by the profile; and 

10 an application server operable to serve an application interface that includes 

1 1 instructions to send profile data to the Identification service, to obtain the temporary 
fe 12 credentials, and to access the data service using the temporary credentials. 

a. 

fy 1 55. The system of Claim 54, wherein the credential module is further 

SI ' 

is,v 2 operable to invalidate the temporary credentials following a termination event. 

W- . ■ 

1 56. The system of Claim 54, further comprising: 

2 an application content provider in communication with the application server 

3 and operable to generate application content for directing an application; and 

4 a data content provider in communication with the application server and 

5 operable to generate data content for selecting electronic files managed by the 

6 accessed data service. 

1 57. The system of Claim 56, wherein the application server is operable to 

2 create the application interface in the form of a framed web page having a first frame 

3 for displaying the content generated by the application content provider and a 

4 second frame for displaying the content generated by the data content provider, the 

5 framed web page also including instructions to request a web bug from the 

6 identification service, the request to include the profile data. 
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1 58. The system of Claim 54, further comprising a browser operable to 

2 request and display the profile and application interfaces. 

1 59. A system for accessing data, comprising: 

2 a means for generating a profile interface having user accessible controls for 

3 creating a profile containing electronic data used to identify a particular data service; 

4 a means for creating a profile using selections made through the profile 

5 Interface; 

6 a means for issuing instructions to store profile data used to access the 

7 created profile; 

8 a means for receiving profile data Identifying a particular profile; 
II 9 a means for providing the particular profile; 

0;i 1 0 a means for generating temporary credentials; 

|! 11 a means for mapping the temporary credentials to the data service identified 

M 12 by the provided profile; 

^13 a means for serving an application interface that includes instructions to send 

1 4 profile data to the identification service; 
% 1 5 a means for accessing the data service using the temporary credentials; and 

^'1 16 a means for invalidating the temporary credentials. 

fell 

M ■ 
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